The fifth anniversary update for Call of Duty: Mobile arrives tomorrow, introducing a new season of content and an additional battle royale map.
Season 10 will introduce the new Anniversary Pass with both premium and paid tiers. Free players will be able to claim the all-new USS 9 SMG weapon, plus the brand-new Teleport battle royale class, a range of skins, weapon blueprints, Vault Coins, and more.
The Teleport class is equipped with a special beacon, which you can place and then teleport to from any point on the map.
Those who upgrade to the premium pass will be able to get their hands on new operator skins in addition to blueprints for the USS 9 and other weapons. A new Season 10 challenge pass will also be available via the in-game events tab, letting you earn challenge tokens and use them to purchase new skins, or complete Special Missions for special calling card unlocks.
The anniversary is also being marked by the addition of a new battle royale map, Krai. Krai is described as “a mid-sized map nestled in a valley at the base of the Ural Mountains” and seems to offer a good mix of both urban and rural combat environments. While playing on Krai, every operator is given one respawn and the option to come back into the game after that via a dropped dog tag that can be scanned by your squad.
Season 10 also contains plenty of new narrative content, with a special mission that follows Urban Tracker and Kumo-chan as they investigate Krai’s history, defeat enemies in combat, and complete mini-games to bypass security.
Publisher Activision has taken the opportunity to reveal that Call of Duty: Mobile has reached over one billion downloads worldwide since its release back in 2019. This is a huge milestone that most likely places Call of Duty: Mobile among some of the most downloaded mobile games of all time.
If you’re interested in giving it a go in time for the anniversary celebration, Call of Duty: Mobile is available as a free-to-play title on both Android and iOS.
Cybercriminals are abusing DocuSign’s Envelopes API to trick businesses into signing fake invoices, which are later used to steal money from the victims.
DocuSign is an e-signature software platform that businesses can use to sign, send, and manage documents digitally - with “send” here being the keyword.
New findings by cybersecurity researchers Wallarm highlight how crooks would create fake invoices, and use DocuSign to send them to the victims for “signing”. Since they are using the platform, the emails are sent directly from DocuSign’s domain, appearing legitimate and moving past any email protection services the victims may have set up.
Bypassing the billing department
In the invoices, the crooks impersonate major brands, such as Norton, or PayPal. The funds requested are also in a realistic range, lending further credence to the campaign.
Businesses that don’t spot the ruse end up signing the documents, which might seem odd at first, since they don’t really lose money, or sensitive data, that way.
However, the attackers can leverage the signed documents to authorize payments outside of normal company procedures since, at the end of the day, the signatures in the invoices are legitimate. That way, they are effectively bypassing the billing departments and stealing money from their victims.
The attacks are not manual, since the distribution seems to be going in relatively high volumes, the researchers further explained. By using the 'Envelopes: create' function, attackers can generate and send a large volume of these fraudulent invoices to numerous potential victims simultaneously.
Wallarm added that the attacks have been going on for a while now. DocuSign acknowledged it, as well. Responding to a request for comment from BleepingComputer, the company said it worked to prevent misuse: “We are aware of the reports and take them very seriously,” it told the publication. “While, in the interest of security, we don’t disclose specifics that could alert bad actors to our prevention tactics, DocuSign has a number of technical systems and teams in place to help prevent misuse of our services.”
Commenting on the news, Erich Kron, security awareness advocate at KnowBe4, said that the campaign likely wouldn't be very successful, and gave a few tips on how to spot similar attacks:
"Because this is coming through an API exploit, there probably won’t be many signs that would be easy to spot as in a spoofed email. The easiest way to spot this is if it is asking you to renew a service that you don’t currently have, such as a specific brand of antivirus, it should stand out as a fake. Even if you do happen to have that brand of antivirus, it is always best to renew through the vendor website, or through the app itself," Kron explained.
"It is critical for people to be cautious when receiving unexpected invoices or other communications through email, text messages, or even phone calls as bad actors may sometimes combine tactics to further confuse potential victims or try to improve the believability of the scams."
Hackers target companies in the retail and technology sectors the most, especially small or medium firms based in the US.
These are the main findings from new research conducted by the company behind TechRadar's best VPN provider, NordVPN. The team at NordStellar (the provider's threat exposure management platform) and NordPass (its password manager service) have investigated almost 2,000 data breach incidents worldwide over the past two years to understand how cybercriminals choose their victims.
"While small retail companies are highly attractive, other profiles are no less appealing for hackers," said Karolis Arbaciauskas, Head of Business Development at NordPass. "This analysis helped us illustrate which businesses face higher risks and explain what measures can be taken to avoid them."
Which businesses are hackers' favorite targets?
As mentioned earlier, Nord's research found that retail and technology have been the most-targeted sectors over the past two years, suffering a total of 95 and 56 attacks respectively.
Companies providing business services follow suit, with 51 data breach incidents counted during the research period, between August 31, 2022, and September 1, 2024.
The top 10 hackers' most-wanted sectors also include more specific technology-related businesses, such as internet and web services (36 attacks), IT services and consulting (35), software development (26), and computer hardware development (22). Entertainment, education, and finance were also on the list, counting 34, 28, and 27 incidents respectively.
These results were surprising, Arbaciauskas explained, considering that the tech and IT sectors are notoriously less vulnerable and better equipped against online threats. Yet hackers know that even if companies employ high-end IT solutions, human mistakes can still occur.
Besides specific sectors, researchers were keen to find out where highly targeted companies are based.
It doesn't come as a surprise that US companies are the ones getting the most attention from hackers, amounting to almost a quarter of the businesses appearing in the research (489). India (114) and the United Kingdom (73) also made it to the top three, followed by some European countries – Spain and France.
Most remarkably, perhaps, Nord's findings show how cybercriminals prefer attacking small and medium businesses. The majority of the breached companies figured in the research (72%), in fact, had up to 200 employees.
According to Arbaciauskas, this may be because these firms underestimate their value to hackers. "There are targeted attacks, yes, but hackers often go for much broader scope activities, such as credential stuffing, dictionary or rainbow attacks that do not choose their victims," he said, adding that for smaller companies a data breach could even mean the end of their businesses.
Private companies are also the biggest target, accounting for 85% of affected businesses.
How to protect your business from data breaches
As these findings clearly highlight, private and smaller business realities are the ones most at risk of suffering a cyberattack. This is a stark reminder that every type of company – no matter its size – should have a strong cybersecurity strategy in place.
According to Arbaciauskas, it's vital to employ critical security tools across all areas of the business. A reliable password manager solution allows for secure management of company credentials and accesses, for example.
A secure business VPN tool is then the first step towards better resilience against online threats. That's because a virtual private network (VPN) encrypts your employees' internet connections, preventing third-party access to the data leaving their work devices.
He also suggests carrying out regular cybersecurity audits to help you spot weaknesses in the company's IT infrastructure and prepare resilience strategies. Similarly, companies should also invest in cybersecurity training to raise awareness and knowledge among employees to reduce human mistakes – often the main backdoor into serious data breaches.
FiiO, maker of fine and affordable audio products (see our recent FiiO FT1 and FiiO FH19 reviews for headphones specifically), has announced a new set of planar earbuds with a choice of rosewood or black walnut faceplates. And according to FiiO, they sound as good as they look.
The new FiiO FP3 have been designed with an ultra-light, aluminum and titanium-coated diaphragm that's exceptionally thin and exceptionally stiff. That diaphragm is driven by 14 magnets, seven on each side of the diaphragm, to deliver what FiiO says is "a powerful, responsive sound."
FiiO FP3 Planar Earbuds: key specifications and pricing
The FP3 are Hi-Res Audio Certified and have a frequency response of 10Hz to 40kHz, an impedance of 36 ohms and sensitivity of 105 dB/mW at 1kHz. Their cables are made of 392 silver-plated copper wires, bundled into four strands that then terminate in a detachable 0.78mm 2-pin connector at the earbud end and a gold-plated 3.5mm stereo jack at the other. That's swappable for a 4.4mm plug.
One of the key selling points here is that the FP3 have the same "Tesla Valve" acoustic design as the FD15 earbuds. That's designed to deliver enhanced bass, and judging by the reviews of the FD15 the result is an impressively natural low end that's punchy without losing clarity.
The wooden faceplates don't add significant weight: the earbuds are 6.5g each.
The new FiiO FP3 are available now from AliExpress and Amazon with a recommended price of $92.85 (which makes them around £71 or AU$140, give or take) and puts them squarely in the budget sector – one for consideration in our best wired earbuds guide for sure.
Nokia has revealed it is investigating a possible security breach involving a third-party vendor after a notorious hacker claimed to have stolen source code from the company.
“Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia," the company said in a statement.
However, the ongoing investigation is yet to reveal any evidence that Nokia’s systems or data have been compromised.
Nokia breach?
Posting to an online forum, the hacker, known as IntelBroker, said, "Today, I am selling a large collection of Nokia source code, which we got from a 3rd party contractor that directly worked with Nokia to help aid their development of some internal tools."
Although no evidence has been found to back up IntelBroker’s claims, Nokia stresses that it’s taking the allegation seriously and continues to monitor the situation closely.
The hacker claims to have obtained proprietary Nokia software, SSH keys, RSA keys, BitBucket logins, SMTP accounts, webhooks and hardcoded credentials.
IntelBroker is reportedly a Serbian hacker who has been active since October 2022, and has a history of high-profile attacks. More than 80 separate leaks have been posted to online forums by IntelBroker to date, with targets including companies and organizations such as AMD, Apple, Europol and HPE.
Emerging studies are also indicating many companies, from SMBs to multinational enterprises, are failing to comply with basic cybersecurity principles.
Furthermore, employees are increasingly frustrated with a lack of suitable tools and policies, leaving them to turn to public AI tools which pose a risk to company security.
TechRadar Pro has asked Nokia for further details, but the company did not immediately respond.
Apple’s big reveal of the M4 chips last week promised significant enhancements across the board for its Mac devices, and the M4 Mac mini could get one of the biggest upgrades - a feature called ‘hardware-accelerated ray tracing’ for gaming.
The Cupertino company has considered gaming on previous Apple Silicon Macs, but the last base model M2 Mac mini only utilized 8GB of unified memory (similar to base M2 and M3 models of the MacBook Pro), and because this memory is shared between system memory and video memory (hence being called ‘unified’) it meant those chips couldn’t handle advanced graphics like ray tracing. However, the base model of the M4 Mac mini starting at $599 (£599 / AU$999) comes with 16GB of unified memory.
It’s no wonder Apple is looking to boost its Macs’ gaming credentials, as the gaming library for Macs is continuing to grow, and the mention of hardware-accelerated ray tracing for games like Prince of Persia: The Lost Crown and Control (which can be found on the official Mac mini page), suggests it could finally be time for Apple to take a serious step into the gaming PC market (potentially consoles too).
Could the pricing of the M4 Mac mini provide competition for Windows gaming PCs?
Considering its small size, gaming capability claims from Apple, and the pricing of the M4 Mac mini, I believe this will certainly shake things up in the desktop gaming PC market. While going toe-to-toe with the best gaming PCs available is unlikely, the $599 (£599 / AU$999) price is a steal considering the performance enhancements present within the M4 chip.
The prices of GPUs (specifically Nvidia’s high-end GPUs) leave some gaming experiences out of reach for many PC gamers. With the M4 chip, you’ll have the luxury of a 10-core CPU and GPU and the aforementioned 16GB of unified memory (which some pre-built gaming PCs don’t have).
This alongside Apple’s move to bring more popular games to Mac devices like the Resident Evil 4 remake and Cyberpunk 2077, shows us that gaming is slowly but surely becoming a strong selling point for the company, and the M4 Mac mini appears to be the next big step in the right direction…
The National Labor Relations Board (NLRB) has filed a formal complaint against LGBTQ dating app Grindr over its enforcement of a return-to-office policy, which it alleges was only enacted to retaliate against the formation of a workers’ union.
According to the report, Grindr terminated the contracts of “about 83 employees” after they failed to comply with the new RTO mandate.
However, the workers were allegedly only given two weeks to relocate to a designated hub city or resign.
Grindr fired workers for failing to comply with RTO within two weeks
The NLRB’s investigation was triggered by six unfair labor practice charges filed in August, representing workers in California, Nevada and Hawaii.
Grindr’s relocation requirements were notably challenging for many workers given the short notice period. Trans employees were among the most affected, being that many faced struggles to locate alternative healthcare in sufficient time.
The dating app denies the accusations, describing them as “meritless” and arguing that the union activity only emerged after the company announced its RTO policy.
The union added: “In response, Grindr management hired notorious union-busting Littler Mendelson and quickly established a retaliatory return-to-office (RTO) policy.”
More broadly, Grindr’s efforts to get workers back into the office reflect an industry-wide trend in the tech sector. Companies like Amazon, Google and Microsoft have all reduced the amount of time that workers have at home, but criticism always arises accusing companies of using these policies to encourage resignations and reduce the need for layoffs.
If Grindr can’t come to an agreement, the case will be heard by an administrative law judge in March 2025.
The union, Grindr United-CWA, commented: “Today’s complaint from the NLRB is another huge victory for our union.”
Grindr did not immediately respond to TechRadar Pro’s request for a comment.
Google's Pixel Screenshots app, which provides a dedicated gallery and AI search function for (you guessed it) screenshots, is due to receive some major improvements with a coming update.
Coming additions include two new shortcuts and a new home screen layout, as well as the possibility of copying and contacting email addresses and phone numbers from a screenshot.
That’s according to Android Authority, who have published a new APK teardown looking into the code and features of the next update to the Screenshots app.
For reference, APK here stands for Android Package, which is the file type used to deliver apps, games, functional software, and updates to all three to Android devices.
Pixel Screenshots: upcoming new features
The most immediately noticeable new feature is the Pixel Screenshots app's subtly redesigned home screen, which has changed from a list of gallery display options to simply showing the gallery with a toggle to change the view type.
There also seems to be a new gesture enabled, allowing users to long-press-and-swipe over a group of screenshots to select multiple images – the teardown also finds that users may be able to rename collections.
As for the new shortcuts, these refer to the functions available with a long-press of the app icon on the phone’s home screen or app drawer.
The two shortcuts that seem to be on the way are “Gallery” and “Camera”, allowing users to access and add to their screenshots with even less hassle.
What’s more, the Screenshots app will seemingly allow users to copy, contact, and save email addresses or phone numbers from images – this seems like a logical addition to the current set of AI tools included in Pixel Screenshots, but this isn’t yet confirmed.
Keep in mind that this is neither a scheduled nor an implemented update yet, so some or all of these features could change before release, or not make it to users at all.
For the latest official updates as we hear them, be sure to keep up with our Google Pixel phones coverage and Android coverage.
The latest version of Apple's tvOS system for the Apple TV 4K introduces some new features that'll be particularly useful for viewers with the best 4K projectors, or people who connect their Apple TV to widescreen monitors rather than TVs.
In tvOS 18.2, Apple has added support for aspect ratios including 21:9. That's not going to be relevant to most people viewing on TVs, which tend to be 16:9. But it's great for ultrawide monitors and for projectors.
What improvements does tvOS 18.2 deliver?
The big draw here is the new aspect ratio support. The options are:
In addition, the new beta improves Apple's Enhance Dialog feature, turning on subtitles when you press the mute button, and there's a redesigned Apple Fitness Plus app as well as improved support for using an iPhone as a FaceTime camera. The beta also includes InSight, a similar feature to Prime Video's X-Ray that tells you who's on screen and what music is playing.
One feature that's coming, but that hasn't arrived yet, is new screensavers. The current crop are all very nice, but they've become rather familiar, and Apple is promising to bring screensavers from some of its hit shows on Apple TV Plus. We don't yet know when those new screensavers will arrive, however.
The improvements are currently in beta, which means they're in final testing before release: if you don't mind risking the odd bug or crash you can enrol your Apple TV 4K from the Software Updates part of its Settings menu, though we'd suggest just waiting for the finished version.
The final release of tvOS 18.2 is currently scheduled for December 2024.
Netflix will remove nearly all of its interactive shows and movies on December 1, which means now's the time to take advantage of your subscription and actually play them before they're gone.
The best streaming service confirmed the news to The Verge, where they revealed that only four out of the 24 Interactive Specials will remain. These are Black Mirror: Bandersnatch, Unbreakable Kimmy Schmidt: Kimmy vs. the Reverend, Ranveer vs. Wild with Bear Grylls, and You vs. Wild.
I remember playing one of Netflix's first interactive movies Black Mirror: Bandersnatch back in 2018, and being both fascinated and frightened by the dark turns in this next level storytelling. The removal of the titles marks a disappointing end to a new form of engaging narrative experiences for audiences.
In addition to interactive specials, such as Jurassic World Camp Cretaceous: Hidden Adventure and Barbie Epic Road Trip, Netflix also made other interactive forms of content, including quizzes, a daily trivia series, which we unfortunately found boring, and a trivia game you could play with a friend. Given the limited amount of titles available in this format and the lack of variety, it suggests that they weren't a success for the streamer.
What interactive specials will be leaving Netflix?
Netflix's first interactive stories were released in 2017: Puss in Book: Trapped in an Epic Tale, Buddy Thunderstruck: The Maybe Pile and Stretch Armstrong: The Breakout. However, Puss in Book: Trapped in an Epic Tale seems to have disappeared from the streamer.
It's a shame to see these various interactive titles removed from the streaming platform as they cater to a wide audience. Netflix's latest title Choose Love, is an interactive rom-com where you choose your own romantic adventure, meanwhile Escape the Undertaker delves into the world of WWE. There's also specials based off franchises like Carmen Sandiego: To Steal or Not to Steal, The Boss Baby: Get That Baby!, and Captain Underpants Epic Choice-o-Rama.
“The technology served its purpose, but is now limiting as we focus on technological efforts in other areas,” spokesperson Chrissy Kelleher told The Verge.
However, this news doesn't mean that the streamer is straying away from interactive titles related to some of their best Netflix movies and shows. On its visual novel app Netflix Stories, there are games based on my favorite reality shows Selling Sunset and Love is Blind, as well as hit series Outer Banks and Emily in Paris that you can still enjoy.
Windows 11 has been hit by a whole load of bugs in recent times, with the move to version 24H2, as you’ve probably noticed – but the more positive news is that Microsoft is busy fixing a fair few of those gremlins in the works.
We’ve got evidence of this courtesy of the latest preview release of Windows 11 pushed out to the Dev channel, namely build 26120.2213.
Microsoft lists the work underway in terms of bug fixing in the usual blog post, and while there’s a whole lot of resolving glitches going on, some of it’s more mundane – so let’s pick out some of the highlights.
A notable bug we’ve recently reported has hit Task Manager, resulting in it showing that there are zero apps and processes running on the host PC – which, of course, can never happen (otherwise Windows 11 itself wouldn’t be working, never mind anything else). Microsoft informs us that it has resolved this issue where Task Manager is claiming a zero count for running processes.
On top of that, an ‘underlying issue’ with the most recent 24H2 preview that meant some games were completely failing to launch has been cured here.
Multiple bugs with the Windows 11 Start menu have been fixed with build 26120, including one where people were seeing a large amount of spacing between the apps present in the menu’s list of applications. There’s also a broad cure for an issue “impacting Start menu reliability” we’re told.
There’s a similar problem with File Explorer where items in the navigation pane were also becoming too spread out, with too much spacing between them for some users, and this has been remedied too. A more minor issue where RAW images taken in portrait mode were displaying in landscape mode with File Explorer’s thumbnails has also been fixed.
Furthermore, Microsoft has applied a clutch of fixes for various minor problems with the taskbar, including a glitch where the ‘X’ button to close a window off the taskbar preview (that pops up when you hover over the app on the bar) wasn’t working.
Analysis: It’s all about the bug squashing
This preview release of Windows 11 is notable because there’s hardly anything at all here in terms of feature additions (just a minor change for the IME toolbar which won’t make any difference to most users).
Almost all of this build is about fixing bugs, and aside from that, there are a couple of known issues flagged which haven’t yet been resolved. One of those is the bugs with the new gamepad keyboard layout for Windows 11 users that have meant it has been put on ice for the time being, and the other is a problem where those running multiple monitors are seeing corruption with their desktop background (with “big black areas” appearing mysteriously).
Microsoft is still working on the cures for those issues, and a fair few other problems besides that are affecting the latest incarnation of its desktop OS. To say Windows 11 24H2 has got off to a rocky start in terms of bugs is something of an understatement, in fact, but it does appear that Microsoft is working hard to firefight these various problems.
Royal Enfield has revealed the 'next chapter' for the company with the unveiling of its Flying Flea dedicated EV brand.
With the full backing of the Indian-owned motorcycle company, a marque that has been producing two-wheeled transport since 1901 and is on course for selling almost one million motorcycles a year, Flying Flea will go on to represent an entire family of electric motorcycles that offer a “city++” range.
This equates to around 150km (93 miles) on a single charge, according to Mario Alvisi, chief growth officer at Royal Enfield.
The first battery-powered bikes will arrive in 2026 and will be badged the Flying Flea C6. It takes inspiration from the lightweight 125cc motorcycle that was developed to be parachuted into conflict zones during World War 2.
The Flying Flea grew in popularity following the war, as huge demand for cheap, low maintenance transport peaked.
Managing director, Siddhartha Lal, says that the Flying Flea brand is “going for disruption” and that it will spawn a family of electric bikes, with the reveal event also including a look at a future scrambler style S6 model.
The C6, with its single seat and slim tank, features a number of innovative design touches, including a girder fork at the front, compact battery pack with deep cut cooling fins and the classic Royal Enfield crankcase cover that protects the belt drive final drive system.
It draws on a similar retro-futuristic vein as the Maeving RM1S, just with the added glitz and polish of a company with years of experience mass producing motorcycles.
During a chat with Mario Alvisi following the unveiling, the chief growth officer revealed that the company had developed everything in-house, from the motor to the touchscreen infotainment and software that powers it.
This is what he believes will allow Royal Enfield to be successful in a market that is notoriously difficult on start-ups.
"Royal Enfield has always been accessible and Flying Flea needs to be the same," he said. "Other brands tend to rush into these things and buy many off-the-shelf parts. The costs soon add up and it’s difficult to make it work financially," he added.
It helps that Royal Enfield invested €50 million in Spanish electric off-road motorcycle start-up Stark in late 2022. The partnership has seen a lot of Stark's learnings in its off-road Varg model influence both the upcoming C6, the more off-road orientated C6 and the upcoming Himalayan electric adventure bike.
Analysis: A likely success, if the price is right
Once launched, the Flying Flea brand will go up against the likes of Maeving’s RM1S, as well as pricier options from BMW (the CE02) and even Kawasaki’s first stab at an EV in the seriously under-powered and seriously under-ranged Ninja e-1 model.
More recently, Can-Am has entered the market with its Pulse and Origin machines, which offer some excellent tech and an engaging ride. But they are out of the reach of many thanks to their high price points.
Royal Enfield needs to ensure the pricing is spot on, continuing its reputation in the ICE (internal combustion engine) motorcycle market as the affordable and accessible option.
If it can do this and still deliver a great infotainment offering, as well as a fun and reliable ride (not to mention a solid all-electric range), it might just be the first brand to crack the mass-produced electric motorcycle market.
A creative new phishing technique has been spotted that looks to trick victims into downloading and installing a virtual Linux machine on their Windows endpoints. The virtual machine comes preloaded with a backdoor, granting the crooks unabated access to the compromised devices.
A report from cybersecurity researchers Securonix dubbed the campaign ‘CRON#TRAP’. It starts with a fake “OneAmerica” survey which distributes the VM installation file (285 MB), and a fake error popup image.
If the victims fall for the trick and trigger the installer, it will run in the background, while showing the fake error message in the front. That way, the victims will think that the survey was unavailable at the time. In the background, though, a fully legit version of a Linux VM, called TinyCore, will be installed via QEMU, a legitimate, open-source virtualization tool that allows for emulating various hardware and processor architectures.
Tricking the AV
Since QEMU is legitimate, no antivirus programs flag it as malicious. Furthermore, they will not flag anything that happens in the virtual machine, since it is walled in and operates as a sandbox. “This emulated Linux environment enables the attacker to operate outside the visibility of traditional antivirus solutions,” the researchers explained.
However, since the VM comes with a backdoor, crooks can use it for a number of things, including network testing and initial reconnaissance, tool installation and preparation, payload manipulation and execution, configuration persistence and privilege escalation, SSH key manipulation for remote access, file and environment management, system and user enumeration, and potential exfiltration or command control channels.
The backdoor was said to contain a tool called Chisel, which is a network tunneling program, pre-configured to set up a secure communications channel with the C2 server.
Since the campaign starts with a simple phishing email, Securonix advises care when handling inbound emails.
Via BleepingComputer
Apple has released developer beta versions of iOS 18.2 and macOS Sequoia 15.2 to test out a bunch of new features, including Apple Intelligence, and one of the most interesting additions is a new Weather widget that you’ll be able to add to the Menu Bar at the top of the screen.
As this version of Sequoia is still in developer testing, the new features could still change and may look or perform differently upon release. Currently, the Weather widget is disabled by default and needs to be activated in the System Settings app, in the Control Center.
As shown in a screenshot provided by 9to5Mac, it’ll live in the Menu Bar with a small weather icon and the temperature, next to the time, battery life, Wi-Fi connection, and other icons. When you click on this, the widget will pop up, showing you the weather for the next few hours of the place where your device is located, as well as temperatures in various places around the world. You also get the option to open the Weather app if you want more information.
From the preview, it looks like a quick way to get important weather information without having to open the app or check a weather forecast website in a browser.
New Apple Intelligence features and when you can expect them
As well as the shiny new Weather widget, macOS Sequoia 15.2 promises to bring new features supported by Apple Intelligence. On the list are Image Playground, Apple’s dedicated AI image generation app that will create images based on text descriptions, and ChatGPT integration, intended to let users access ChatGPT directly in macOS or use it within certain apps.
The new Weather widget and new features, along with other changes, are expected to arrive as a part of macOS Sequoia 15.2 in December 2024. If you want to try them out early, you’ll need to be subscribed to Apple’s developer beta releases. Once the final release is out, you should be able to access these features if you have a Mac with an Apple silicon processor (which is required for Apple Intelligence).
It’s not clear yet if having an M-class chip will also be a requirement for the new Weather widget, although I suspect this will be available to all macOS Sequoia users.
A collaborative “big AI” project between Google Project Zero and Google DeepMind has discovered a critical vulnerability in a piece of software before public release.
The Big Sleep AI agent was set to work analyzing the SQLite open source database engine, where it discovered a stack buffer underflow flaw which was subsequently patched the same day.
This discovery potentially marks the first ever time an AI has uncovered a memory-safety flaw in a widely used application.
Fuzzed software out-fuzzed by AI
Big Sleep found the stack buffer underflow vulnerability in SQLite which had been ‘fuzzed’ multiple times.
Fuzzing is an automated software testing method that can discover potential flaws or vulnerabilities such as memory safety issues that are typically exploited by attackers. However, it is not a foolproof method of vulnerability hunting, and a fuzzed vulnerability that is found and patched could also exist as a variant elsewhere in the software and go undiscovered.
The methodology used by Google in this instance was to provide a previously patched vulnerability as a starting point for the Big Sleep agent, and then set it loose hunting for similar vulnerabilities elsewhere in the software.
While hunting for a similar vulnerability, Big Sleep encountered a vulnerability and traced the steps it took to recreate the vulnerability in a test case, gradually narrowing down the potential causes to a single issue and generating an accurate summary of the vulnerability.
Google Project Zero points out that the bug wasn’t previously spotted using traditional fuzzing techniques as the fuzzing harness was not configured to access the same extensions. However, when fuzzing was re-run with the same configurations, the vulnerability remained undiscovered despite 150 CPU-hours of fuzzing.
“We hope that in the future this effort will lead to a significant advantage to defenders - with the potential not only to find crashing testcases, but also to provide high-quality root-cause analysis, triaging and fixing issues could be much cheaper and more effective in the future,” the Big Sleep team said. “We aim to continue sharing our research in this space, keeping the gap between the public state-of-the-art and private state-of-the-art as small as possible.”
The full testing methodology and vulnerability discovery details can be found here.
It’s election day in the US and it’s clear from social media and speaking to our US colleagues that stress levels are reaching a fever pitch as they wait to see who comes out ahead in the presidential race. However, for people who feel they aren’t yet stressed enough, or folks who really have no interest in sleeping tonight, Apple News is able to give iPhone and Apple Watch users real-time election updates through Live Activities.
Live Activities use lock-screen notifications, banners and the Dynamic Island to display up-to-date information about a live event or activity like a sports game score, how far away your Uber driver is, or the results of the 2024 US Presidential election.
So if you switch it on you can spend your election night with a constant visual reminder of which candidate is ahead with a live electoral count – with the lock-screen widget also giving you quick access to more in-depth election coverage.
How to turn on Live Activities
While they aren’t going to be for everyone, if you’re interested in turning on Live Activity reports for the US election (or other events) here’s what you need to do.
Firstly, go into your iPhone’s Settings app, find the ‘Face ID & Passcode’ section, enter your passcode when prompted, and under the ‘Allow Access When Locked’ subsection enable Live Activities if it isn’t already – this will switch on the Live Activities lock-screen widget.
Next you’ll want to open up Apple News on election night, then tap on the ‘Follow the 2024 election live’ banner and turn on the Live Activity. The banner should either appear on your home page (perhaps under Top Stories) or you can find it by going to the ‘Election 2024’ Special Coverage.
Phones without a Dynamic Island (iPhone 14 and earlier, ignoring the iPhone 14 Pro) will still get the lock screen widget, but they won’t see the constant live count at the top of their screen. As for Apple Watch users, once you switch the Live Activity on it should automatically appear on your smartwatch provided it runs watchOS 11.
It isn’t yet known how long Apple News will keep the Live Activity going, but it could be live for a while. Some presidential results have been announced in hours, some have taken days as states firm up their scores for each candidate. If at any point you wish to switch it off before the Activity ends just re-find the Apple News banner and switch the Live Activity off by tapping it again.
Prime Video subscribers might soon get a great new feature that will create personalized summaries of episodes and seasons you've watched of a movie or show.
X-Ray Recaps is a new feature that's being rolled out in beta to customers in the US who own Amazon Fire TVs only, such as the best TV for those on a budget, the Amazon Fire TV Omni QLED. However, Amazon has said that support for more devices will come by the end of the year.
The new feature is part of Amazon's generative AI suite of X-Ray tools that it started adding in 2022 and is designed to help catch you up on anything you've missed from one of the best Prime Video shows or best Prime Video movies.
Instead of searching online for recaps that might contain spoilers or rewatching parts of an episode you've already seen, X-Ray Recaps will allow you to be able to get a useful summary of a show you're watching, no matter where you stopped streaming.
As someone that struggles to keep up with what happened at the end of a show that's been on a year-long break, I'm very excited to try out this new feature (well, if all goes well with the testing period and X-Ray Recaps makes its way outside of the US).
The fact that it's personalized to where you stopped watching a title will likely be very useful too. I'll admit, I've definitely been known to sometimes fall asleep during some movies and shows, and trying to find where I last remembered can be a pain.
I'm not alone either, as Amazon's vice president of the product Adam Gray has said that the tool was built to address "common problems customers face when streaming content". Forgetting where you left off is one we're all used to after all.
How can you use X-Ray Recaps?
If you own an Amazon Fire TV and live in the US, then you can test out the X-Ray Recap feature by launching it from the homepage of Prime Video or going to a title and clicking on the dotted circular arrow symbol to open a side panel.
This panel will show you various recap options to choose from, depending on how far back you need to go. This includes summaries for the current or last episode you're watching, the previous season or the season so far.
You'll be able to use the feature on all Prime Video Original series at launch, including The Lord of the Rings: Rings of Power season 2, Daisy Jones and the Six, The Boys season 4 and Mr and Mrs Smith.
iOS 18.2’s second developer beta now has info on Siri’s ChatGPT daily limit, giving us an insight into how the upgraded Siri will work when it launches in December.
Nestled in settings, iOS 18.2 beta 2 adds an Advanced Capabilities section that shows whether you’re under the daily limit for ChatGPT’s advanced capabilities. It also offers an option to upgrade to ChatGPT’s premium subscription, Plus, if you want to avoid the daily limits.
The settings pane reads: “You’ll have access to ChatGPT’s advanced capabilities until you reach your daily limit. Additional requests will use the basic version for up to 24 hours.”
This is no surprise, as when Apple originally announced ChatGPT integration with Siri at WWDC in June the company was clear that Siri’s ChatGPT features would be subject to the same limitations as using ChatGPT via OpenAI’s mobile app or through a web browser.
ChatGPT offers a $19.99 / £16 (approx. AU$30) monthly Plus subscription for users who use complex prompts often, and who want the best AI experience possible.
ChatGPT in Siri
ChatGPT Plus gives you 5x more messages on OpenAI’s GPT-4o AI model, and access to even more advanced models like o1-mini, which has reasoning capabilities for difficult math problems and scientific equations. On top of that, ChatGPT Plus lets you upload more photos and files, generate images, and use ChatGPT’s Advanced Voice Mode for longer than 10 minutes a month.
While it’s unclear how these specific ChatGPT features integrate into Siri, these capabilities are advertised directly from within the Settings app when you opt to upgrade to ChatGPT Plus.
ChatGPT Plus subscribers can also access the new ChatGPT Search early, although for the time being access is limited to the ChatGPT app or Safari rather than directly from Siri.
As it stands, Apple is expected to add ChatGPT integration to Siri in early December, alongside other Apple Intelligence features like Genmoji and Image Playground. Siri will get even smarter early next year when it receives a massive Apple Intelligence upgrade that includes personal context and on-screen awareness, so the virtual assistant can answer queries related to whatever you’re doing on your device.
We’ll need to wait until December to see if it’s worth upgrading to ChatGPT Plus specifically for a better Siri experience, but most people should be able to experience the best ChatGPT has to offer within the daily limits, and adding this new section to Settings will make it easier to track and manage just how much, if at all, you’d benefit from upgrading to Plus.
Your Philips Hue smart lights will soon be able to shift colors throughout the whole day, with shades chosen to make you feel energized during work hours, and gradually wind down in the evening.
Scenes are preset effects that can be applied across all your Philips Hue smart lights. The mobile app includes lots of ready-made options, including Futuristic, Cozy, and Party Vibes, and you can choose to have your lights remain static, or cycle through colors dynamically. Alternatively, you can make and share your own custom scenes.
As Fabian of Hueblog.com explains, you'll soon be able to take your pick from two new 24-hour scenes: Golden Hours and Nature’s Colors. Judging by a leaked screengrab, Golden Hours appears to feature mostly warm, complementary shades. Nature's Colors looks more likely to represent the shifting temperature of sunlight from warm to cool, and back again, in a similar way to the Natural Light scene that launched in 2022.
We don't yet have a release date for the two new scenes, but judging by the polished look of the leaked app screengrab, they could arrive very soon via a software update.
Get started with Hue
Philips Hue makes some of the best smart lights you can buy, including bulbs for virtually every type of fixture, LED light strips, and lamps for floors and tables. They connect to your Wi-Fi network (and to each other) via the Philips Hue Hub, which allows you to control them via a mobile app, or using smart speaker voice commands. They can also be triggered by smart switches, cameras, and sensors.
The biggest disadvantage of the Hue system is the price, with a single smart light bulb often costing over $50/£40/AU$60. However, they're a lot more affordable right now thanks to a raft of early Black Friday deals.
For example, in the US you can grab a starter kit containing four bulbs and a Hue Bridge for only $154.94 at Amazon, while in the UK you can pick up a three-pack of Light & Color Ambiance bulbs for just £95.97 at Currys.
Microsoft has announced the general availability of Windows Server 2025, which it says is designed with security and performance in mind.
Purportedly “tailored to meet customers’ diverse needs,” the latest iteration of the server operating system includes features to make deploying and managing it easier and safer.
Together with the launch of a brand-new version, Redmond has also committed to keeping previous versions – like 2016, 2019 and 2022 – up-to-date with new features.
Windows Server 2025 is now available
The launch of Windows Server 2025 comes several months after the company faced its own high-profile security issues.
As a result, the update includes a series of multilayered security features, including Active Directory with added cryptographic support for identification and authentication, Server Message Block (SMB) hardening against cyber threats and Delegate Managed Service Accounts (dMSA) for enhanced password management and more administrator visibility.
On the cloud front, Microsoft has added ‘hotpatching’ for certain Windows Server 2025 applications running on physical machines, VMs, on-prem or multicloud servers for enhanced software updates, back-up and recovery with reduced downtime.
Unsurprisingly, Windows Server 2025 also has a few changes designed specifically for artificial intelligence, including GPU partitioning and boosted NVMe storage performance, with up to 60% more storage IOPS compared with Windows Server 2022.
The release coincides with the launch of System Center 2025 to facilitate the management of large groups of computers, including remote control, patch management, software distribution, OS deployment and inventory management.
Blog post author and CVP for Azure Edge and Platform, Ian LeGrow, added: “We are also excited to bring new features to customers on existing Windows Server versions like 2016, 2019, 2022, as well as 2025.” No further information regarding new features was shared.